Contents

Overview

Identify the hot spots in your application architecture to understand the areas where mistakes are most likely to be made. Key hotspots can be organized around quality attributes and cross cutting concerns.

Outcomes

Architecture Frame

The architecture frame represents cross cutting concerns that will impact your design across layers and tiers. These are also the areas in which high impact design mistakes are most often made. Use the architecture frame to identify hot spots in your design that require additional attention to get right.

You can use the following architecture frame to identify cross cutting concerns in your design:

Area

Description

Authentication and Authorization

How to choose an authentication strategy.

How to choose an authorization strategy.

How to flow identity across layers and tiers.

How to store user identities when not using Active Directory.

Caching and State

How to choose an appropriate caching technology.

How to determine what data to cache.

How to determine where to cache the data.

How to determine the expiration policy.

Communication

How to choose appropriate protocols for communication across layers and tiers.

How to design loose coupling across layers.

How to perform asynchronous communication.

How to pass sensitive data.

Composition

How to choose a composition pattern for the user interface (UI).

How to avoid dependencies between modules in the UI.

How to handle communication between modules in the UI.

Concurrency and Transactions

How to handle concurrency between threads.

How to choose between optimistic and pessimistic concurrency.

How to handle distributed transactions.

How to handle long running transactions.

Configuration Management

How to determine what information needs to be configurable.

How to determine where and how to store configuration information.

How to protect sensitive configuration information.

How to handle configuration information in a farm/cluster.

Coupling and Cohesion

How to choose an appropriate layering strategy for separation of concerns.

How to design highly cohesive components and group them within layers.

How to determine when loose coupling is appropriate between components within a layer.

Quality Attributes

Quality attributes are the cross cutting concerns that affect runtime performance, system design and user experience. Quality attributes are important for the overall usability, performance, reliability, and security of software applications. The quality of the application is measured by how the application possesses a desired combination of these quality attributes. When designing applications to meet any of these requirements it is necessary to consider the impact on other requirements or by taking them into account. You need to analyze the trade-offs between multiple quality attributes. The importance or priority of each quality attributes differs from system to system, for example in LOB system performance, scalability, security, and usability will be very important than interoperability, but in packaged application interoperability will be very important.

Quality attributes represent areas of concern that have the potential for application-wide impact across layers and tiers. Some are related to the overall system design, while others are specific to runtime, design time, or user-centric issues. Use the following table to help you organize your thinking about the quality attributes, and to understand which scenarios they are most likely to affect.

Quality Attribute Frame

The following table frames out the quality attributes covered in this chapter. You can use this table to understand what each of the quality attributes means in terms of your application design.

Category

Description

Availability

Availability defines the proportion of time that the system is functional and working. It can be measured as a percentage of the total system downtime over a predefined period. Availability will be affected by system errors, infrastructure problems, malicious attacks, and system load.

Conceptual Integrity

Conceptual integrity defines the consistency and coherence of the overall design. This includes the way that components or modules are designed, as well as factors such as coding style and variable naming.

Flexibility

Flexibility is the ability of a system to adapt to varying environments and situations, and to cope with changes to business policies and rules. A flexible system is one that is easy to reconfigure or adapt in response to different user and system requirements.

Interoperability

Interoperability is the ability of diverse components of a system or different systems to operate successfully by exchanging information, often by using services. An interoperable system makes it easier to exchange and reuse information internally as well as externally.

Maintainability

Maintainability is the ability of a system to undergo changes to its components, services, features, and interfaces as may be required when adding or changing the functionality, fixing errors, and meeting new business requirements.

Manageability

Manageability defines how easy it is to manage the application, usually through sufficient and useful instrumentation exposed for use in monitoring systems and for debugging and performance tuning.

Performance

Performance is an indication of the responsiveness of a system to execute any action within a given interval of time. It can be measured in terms of latency or throughput. Latency is the time taken to respond to any event. Throughput is the number of events that take place within given amount of time.

Reliability

Reliability is the ability of a system to remain operational over time. Reliability is measured as the probability that a system will not fail to perform its intended functions over a specified interval of time.

Reusability

Reusability defines the capability for components and subsystems to be suitable for use in other applications and in other scenarios. Reusability minimizes the duplication of components and also the implementation time.

Scalability

Scalability is the ability of a system to function well when there are changes to the load or demand. Typically, the system will be able to be extended over more powerful or more numerous servers as demand and load increase.

Security

Security defines the ways that a system is protected from disclosure or loss of information, and the possibility of a successful malicious attack. A secure system aims to protect assets and prevent unauthorized modification of information.

Supportability

Supportability defines how easy it is for operators, developers, and users to understand and use the application, and how easy it is to resolve errors when the system fails to work correctly.

Testability

Testability is a measure of how easy it is to create test criteria for the system and its components, and execute these tests to determine if the criteria are met. Good testability makes it more likely that faults in a system can be isolated in a timely and effective manner.

Usability

Usability defines how well the application meets the requirements of the user and consumer by being intuitive; easy to localize and globalize; provide good access for disabled users; and provide a good overall user experience.

Security Frame

Security frames define a set of pattern-based categories that organize repeatable problems and solutions. You can use these categories to divide your application architecture for further analysis, and to help you identify application vulnerabilities. The categories within the frame represent the critical areas where mistakes are most often made.

Category

Description

Auditing and Logging

Who did what and when? Auditing and logging refer to how your application records security-related events.

Authentication

Who are you? Authentication is the process where an entity proves the identity of another entity, typically through credentials, such as a user name and password.

Authorization

What can you do? Authorization refers to how your application provides access controls for resources and operations.

Configuration Management

Who does your application run as? Which databases does it connect to? How is your application administered? How are these settings protected? Configuration management refers to how your application handles these operations and issues.

Cryptography

How are you handling secrets (confidentiality)? How are you tamper-proofing your data or libraries (integrity)? How are you providing seeds for random values that must be cryptographically strong? Cryptography refers to how your application enforces confidentiality and integrity.

Exception Management

When a method call in your application fails, what does your application do? How much information do you reveal? Do you return friendly information to end users? Do you pass valuable exception information back to the caller? Does your application fail gracefully? Exception management refers to how you handle exceptions within your application.

Input and Data Validation

How do you know that the input your application receives is valid and safe? Input validation refers to how your application filters, scrubs, or rejects input before additional processing. Consider constraining input through entry points and encoding output through exit points. Do you trust data sources such as databases and file shares?

Sensitive data

How does your application handle sensitive data? Does your application protect confidential user and application data? Sensitive data refers to how your application handles any data that must be protected either in memory, over the network, or in persistent stores.

Session Management

How does your application handle and protect user sessions? A session refers to a session of related interactions between a user and your Web application.

Use the security frame to determine key security design decisions for your application.

Performance Frame

The following performance frame defines a set of patterns-based categories organized around repeatable problems and solutions. You can use these categories to divide your application architecture for further analysis, and to help identify application performance issues. The categories within the frame represent the critical areas where mistakes are most often made.

Category

Description

Caching

What and where to cache? Caching refers to how your applications stores frequently used data at a location close to the point of use to reduce the number of round-trips. The main points to be considered are per-user caching, application-wide caching, and data volatility.

How to handle concurrent user interactions? Concurrency refers to choices for transaction, locks, threading, and queuing.

Coupling / Cohesion

How to structure the application? Coupling refers to the relationship between components or sub-systems. Tight coupling leads to the creation of an architecture where changes ripple through components making it hard to understand and modify the code. Cohesion refers to the way components or classes are composed. If a component or class has a well-defined role within the entire system, then it is said to be highly cohesive.

Data Access

How to access data? Data access refers to choices and approaches for schema design, paging, hierarchies, indexes, volume of data, and round trips.

Data Structures

How to handle data? Data structures and algorithms refer to the choice of code algorithms, and the choice of application entities (such as arrays or collections).

Exception Management

How to handle exceptions? Exceptions management refers to choices and approaches for catching, managing, and throwing exceptions.

What and where to maintain state? State management refers to how your application maintains state. The main points to consider are per-user state, application-wide state, state persistence, and state store location.